This guide describes how to connect Rapid7​ to Workbench and add Rapid7​ console access.

Step 1: Get the API Credentials from Rapid7​ VM

An organization API key allows access to InsightVM product APIs, and can only be generated by administrators.

  1. Log in to the customer’s Rapid7​ console as an administrator.

  2. In Insight Platform, select Home.

    The location of the Home icon in Insight Platform
  3. Select API Key Management.

    image of the key icon that represents API key management
  4. Select Organization Keys.

  5. On the Organization Keys screen, select Generate New Organization Key.

    the location of the Generate New Organization Key button
    • Enter your organization name.

    • In the ExpelAPI field, enter the Expel API key.

      We suggest ExpelAPI.

    • Generate the key by selecting Submit.

      A window opens to display the generated key.

      Note

      Note the key for later use in Workbench. You can't retrieve the key after you close the window.

Step 2: Add a Rapid7​ InsightVM Console User

Expel's device health team uses console access to investigate potential health issues with your tech. Having access to the interface of your technology allows Expel to dig deeper during incident investigation and supports programmatic vulnerability scanning (i.e. scan details, tagging, asset types, exceptions, and other features).

 

To be able to access the Rapid7​ console, add a new user.

  1. In Insight Platform, select Settings > User Management.

  2. Select Add User.

  3. In the Email field, enter soc+<Your_Organization_Name>@expel.io.

    Note
    Yes, the "+" sign is part of the email address, and it's important. Click here to find out why.

  4. In the First Name field, enter SOC.

  5. In the Last Name field, enter Expel.

  6. In the Time Zone field, select UTC.

  7. In Product Roles, select Admin.

  8. Select Submit. The user is now added to InsightOps, which generates an email to the SOC team to activate the account.

Step 3: Add Rapid7​ API Credentials to Workbench

You can now add Rapid7​ InsightVM to Workbench.

  1. Log in to https://workbench.expel.io.

  2. Navigate to Organization Settings > Security devices.

  3. Select +Add security device.

  4. Search for and select Rapid7​ InsightVM.

    Add Security Device screen for Rapid7

    Note

    If you don't see the Rapid7​ InsightVM Scanner in Workbench as an integration, then an Expel customer support engineer must set the connection by using the API information provided by the client.

  5. Complete the Add Security Device form:

    • Name - enter the name of the device.

    • Location - enter the location of the device.

    • API Key - provide the key that was generated in Step 1.

    • Region - enter the location of Rapid7​.

  6. Set up the console:

    • In the How will you access the console field, select Set up now (recommended).

    • In the Console URL field, enter https://insight.rapid7.com.

    • In the Username field, enter soc+<Your_Organization_Name>@expel.io.

  7. Select Save.